We have been investigating the reports from some users whose coins have been stolen. While our analysis did not conclusively discover the full extent of what happened, we did find some phishing sites for the web wallet, and we found security leaks in the web and java / android wallet that may have resulted in full exposure of private / public key pairs. Any wallet created or loaded in the web wallet or java / android wallet is potentially impacted; all the alternate wallets are now deprecated and it is imperative that any user that has used them install either the CLI or the GUI Lightwallet (https://www.arionum.com/), generate new wallets and transfer their coins to the new wallets as soon as possible. If anyone has trouble with the classic wallets, please DM us and we'll help you set them up.

There is no evidence at this time to suggest that the CLI or GUI Lightwallets are impacted, and any wallets created and maintained exclusively in those tools remain safe to the best of our knowledge.

Moving forward, we are carefully reviewing the alternative wallet code to ensure there are no additional security leaks, and do not recommend their use until that process has completed. We thank you for your patience and attention in this matter.

I would like to provide more insight into the hacked wallet problems. I am sorry for the delay in providing all the information, it took a lot of time to investigate and get all the facts. The alternate wallets (web/android/java) had a bug leaking the keys to cuby's server. That server became a big target, was hacked and the keys recovered from the access logs. Last night we managed to recover the logs and what we believe to be most of the compromised keys from them. It seems that there are still many users that did not heed our warnings so we have decided to empty all those accounts into a new safe account. ( https://arionum.info/account/4kWXV4HMuo ... MkamTfwRBP ). All the users who've had their coins sent to this account should contact me to get their coins into a new wallet. For the ones that had an escrow transaction, the proof will be done by keys + email verification. For the ones that had mercatox transactions, the funds can be directly sent to mercatox using their memo, once mercatox opens. For the rest, there will be a cooling off period of 2 months to ensure there are no counter claims.
Regarding the compromised masternodes, we plan on hard forking in the next days, cancelling all the compromised masternodes and returning the funds to the users. There are 49 masternodes compromised.
On the bright side, seems Octaex new wallets were compromised as well and 2.2 mil coins have been recovered. The users who've lost coins on Octaex should contact us to find some way to return them some of the coins.